On Wednesday, 30 July 2003 at 16:48:57 EDT, Tina Bird (Tina Bird <tbird@precision-guesswork.com>) wrote: > Anyone want to take a stab at definitions of auditing and logging, and > most in particular, how they differ? Logging is the act of recording operational information; auditing is the act of reviewing that information to ensure consistency and correctness. Contrast auditing with analysis, which is reviewing log information in order to interpret them rather than verify them. People sometimes speak of "turning on auditing", but what they really mean is "turning on audit logging", that is to say logging whose eventual intent is auditing. Audit logs can be used for analytical purposes, too, but I would argue that logs those aren't really audit logs, and wouldn't be called that were it not for the fact that much of the really granular logs are generated by subsystems that were originally designed to meet gov't/military requirements for auditability of compliance with infosec regulations, and were thus given names like audit_startup (in Trusted Solaris). > References also greatly appreciated -- thanks -- tbird How about Merriam-Webster: audit [noun] 2 : a methodical examination and review log [noun] 4 : a record of performance, events, or day-to-day activities -- Sweth. -- Sweth Chandramouli Idiopathic Systems Consulting svcat_private http://www.idiopathic.net/ _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Wed Jul 30 2003 - 15:16:25 PDT